Cyber Intelligence
Cloud Concepts · 25-30% of exam

L3. Cloud Deployment Models: Public, Private, and Hybrid

Video generating

Check back soon for the video lesson on Cloud Deployment Models: Public, Private, and Hybrid

Where your cloud resources physically reside determines your deployment model. AZ-900 tests public, private, hybrid, and the emerging multi-cloud pattern, plus when to choose each.

Cloud Deployment Models

The deployment model defines where cloud infrastructure runs and who controls it. The AZ-900 exam tests all three models and common scenarios for each.

Public Cloud

In a public cloud, all resources are owned and operated by a third-party cloud provider and delivered over the internet. Azure is a public cloud. Characteristics:

  • No upfront CapEx required
  • Resources are shared across multiple customers (multi-tenancy) with logical isolation
  • Highly scalable on demand
  • Maintained and operated by Microsoft
Best for: New applications, variable workloads, development and testing, software as a service consumption.

Private Cloud

In a private cloud, computing resources are used exclusively by one organization. The infrastructure can be hosted on-premises in the organization's own datacenter or by a third party, but resources are not shared with other organizations. Characteristics:

  • Greater control over security and compliance
  • Organization is responsible for hardware procurement and maintenance
  • Higher upfront CapEx
  • Limited scalability compared to public cloud
Best for: Organizations with strict regulatory requirements, sensitive data, or legacy systems that cannot move to public cloud.

Hybrid Cloud

A hybrid cloud combines public and private clouds, allowing data and applications to move between them. Characteristics:

  • Maximum flexibility: run workloads in the environment best suited to them
  • Compliance-sensitive workloads stay on-premises; scalable workloads use public cloud
  • Requires network connectivity between environments (VPN or ExpressRoute)
Azure hybrid tools: Azure Arc (manage on-premises and multi-cloud resources from Azure), Azure Stack (run Azure services in your own datacenter), Azure VPN Gateway, Azure ExpressRoute. Best for: Organizations with existing on-premises investments, regulatory requirements for data residency, or gradual cloud migration strategies.

Multi-Cloud

Multi-cloud means using services from more than one public cloud provider simultaneously (e.g., Azure plus AWS or GCP). The AZ-900 exam now includes this concept.

ModelWho owns hardwareWho manages itData location
PublicCloud providerCloud providerProvider datacenters
PrivateOrganizationOrganization (or vendor)Organization's datacenter
HybridBothBothBoth
Exam tip: Hybrid cloud is the answer when a question describes an organization that keeps some resources on-premises and some in the cloud.

Exam Focus Points
  • Public cloud: resources owned by a provider, shared infrastructure, no CapEx, accessed over the internet
  • Private cloud: resources used exclusively by one organization, higher control, higher CapEx
  • Hybrid cloud: combination of public and private, connected via VPN or ExpressRoute
  • Azure Arc extends Azure management to on-premises and multi-cloud environments
  • Multi-cloud uses services from more than one public cloud provider simultaneously
Knowledge Check

1. A financial institution must keep customer data within its own datacenters for regulatory reasons but wants to use Azure for analytics workloads. Which deployment model best describes this scenario?

2. Which Azure service enables management of on-premises servers and resources through the Azure portal, extending Azure governance to hybrid environments?

Recommended: Pluralsight

This free course covers the theory. Pluralsight adds guided video paths, hands-on Azure labs, and timed practice exams to help you pass AZ-900 with confidence.

Start AZ-900 prep free10-day free trial available